• The Journal of Society for e-Business Studies
• /
• v.14 no.3
• /
• pp.169-181
• /
• 2009

As the situations that important evidences or clues are found in digital information devices increase, digital forensic technology is widely applied. In this paper, forensic based audit system is implemented by associating forensic analysis system with agent system which monitors and collects data for analysis in storage devices over distributed network nodes. Forensic audit system implemented in this paper can prevent, audit and trace the computer related crimes in IT infrastructure by real time monitoring and evidence seizure.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.3
• /
• pp.807-819
• /
• 2021

This study aims to determine the availability of forensic accounting application factors sought by auditors' representatives of Jordanian Certified Public Accounting and auditors working in the Audit Bureau. The study identifies as well the role of these application factors in enhancing the efficiency of auditors due to the increased responsibility on them in the face of various fraud cases on the one hand, and their appearance in the courts as financial experts supporting the judiciary to adjudicate financial cases on the other hand. To achieve the objectives of the study, the researchers used the descriptive analytical method because of its suitability for the nature of the research. The population of the study consisted of 433 Jordanian certified public accountants and 520 auditors working in the Audit Bureau, from which a sample of 426 was constructed. A questionnaire was developed to collect data and the Statistical Package for Social Sciences was utilized to analyze data and test hypotheses. The study found that there is a statistical difference between the responses of the two samples of the study, and it concluded a set of recommendations, which are hoped to help legislators in strengthening and developing the forensic accounting profession in Jordan.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.79-90
• /
• 2017

If digital forensic investigators can utilize file access logs when they audit insider information leakage cases or incident cases, it would be helpful to understand user's behaviors more clearly. There are many known artifacts related to file access in MS Windows. But each of the artifacts often lacks critical information, and they are usually not preserved for enough time. So it is hard to track down what has happened in a real case. In this thesis, I suggest a method to utilize SACL(System Access Control List) which is one of the audit functions provided by MS Windows. By applying this method of strengthening the Windows's audit settings, even small organizations that cannot adopt security solutions can build better environment for conducting digital forensic when an incident occurs.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.271-272
• /
• 2014

As E-discovery in criminal investigation is increasing, the importance of Forensic Tools which can legally extract data with high effectiveness is getting higher. Digital products are growing fast. Therefore, Forensic Tools should be implemented readily to suit users and events well. Although forensic industry and governments use expensive forensic tools, some have suggested limitations to its use, such as memory limitations and the limits of post-audit. We need to develop open source forensic tools that can implement a variety of forensic tool fast. This research studies digital forensics technical skills which are commercialized currently and suggests applicable strategies of the open digital forensics to help overcome these limitations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.591-603
• /
• 2018

Windows Event Log is a format that records system log in Windows operating system and methodically manages information about system operation. An event can be caused by system itself or by user's specific actions, and some event logs can be used for corporate security audits, malware detection and so on. In this paper, we choose actions related to corporate security audit and malware detection (External storage connection, Application install, Shared folder usage, Printer usage, Remote connection/disconnection, File/Registry manipulation, Process creation, DNS query, Windows service, PC startup/shutdown, Log on/off, Power saving mode, Network connection/disconnection, Event log deletion and System time change), which can be detected through event log analysis and classify event IDs that occur in each situation. Also, the existing event log tools only include functions related to the EVTX file parse and it is difficult to track user's behavior when used in a forensic investigation. So we implemented new analysis tool in this study which parses EVTX files and user behaviors.

• Journal of Information Processing Systems
• /
• v.6 no.2
• /
• pp.253-260
• /
• 2010

Communication devices aim to provide a multimedia service without spatial or temporal limitations in an IP-based environment. However, it is incapable of allowing for fair use by consumers who legally buy content, and damages provider contents through the indiscriminate distribution and use of illegal contents. The DRM system that emerged to solve this problem cannot protect licenses stored on communication devices, and manage licenses by redistribution. This paper proposes a license audit model, which checks for illegal access, modification and redistribution, and reports alert logs to the server.

• Journal of Advanced Navigation Technology
• /
• v.18 no.5
• /
• pp.494-500
• /
• 2014

Recently the leak of personal information from in-house and contract-managed companies has been continually increasing, which leads a regular observation on outsourcing companies that perform the personal information management system to prevent dangers from the leakage, stolen and loss of personal information. However, analyzing many numbers of computers in limited time has found few difficulties in some circumstances-such as outsourcing companies that own computers that have personal information system or task continuities that being related to company's profits. For the reason, it is necessary to select an object of examination through identifying a high-risk of personal data leak. In this paper, this study will formulate a proposal for the selection of high-risk subjects, which is based on the user interface, by digital forensic. The study designs the integrated analysis tool and demonstrates the effects of the tool through the test results.

• Journal of Advanced Navigation Technology
• /
• v.13 no.3
• /
• pp.438-447
• /
• 2009

Digital home devices aims at providing the multimedia service which is not limited at time and space in home network environment. However, it is incapable of the fair use of consumers who legally buys contents, and causes damage to the contents providers owing to the indiscriminate distribution and use of illegal contents. DRM system appeared to solve this problem cannot protect the license stored on digital home devices and manage license by redistribution. This paper proposes a license audit model which makes an inspection of illegal access, modification and redistribution and reports alert logs to server.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.275-278
• /
• 2013

Log is a file system, a system that uses all remaining data. Want situation now being issued in the IT, media Nate on information disclosure, the press agency server hack by numbness crime occurred. Hacking crisis that's going through this log analysis software professionally for professional analysis is needed. The present study, about APT attacks happening intelligently Log In case of more than traceback in advance to prevent the technology to analyze the pattern for log analysis techniques.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.7 no.4
• /
• pp.97-106
• /
• 2008

This proposed system is a part of internal control system that national highway need to support their ITS information audit. This paper explains the design and implementation of a packet interceptor and a DB query analyzer. The packet interceptor sniffs users' query packets, and then the DB query analyzer parses the SQL queries and stores the users' DB access information such as SQL queries, access data and changing data. The information may be used as the evidences on internal control of users and users' accesses.